8a7599a2cb34061a61194be850cf8c45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a7599a2cb34061a61194be850cf8c45_JaffaCakes118
Size

13KB
MD5

8a7599a2cb34061a61194be850cf8c45
SHA1

41ea160388cb33b8a2c51f892246d4d1be5cb7ad
SHA256

d07d034802e0f52010988a0719a2103e2d148739b7f23b0b25dd467f69c6ae79
SHA512

aaf7204c5b451b1a895eef2d853cd3a57425a71870d77e6d5bb436a1d76ce3fd205d21500cfde8cde23acd585cdff8c907ab46b6c2b63e8f09c741a2eceed667
SSDEEP

192:BX6hktiehvsD5uWHZFAZtJH9WueWucTccwJvrYtaTc3X306v:JqktrE5uGAZHDscTccwFon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a7599a2cb34061a61194be850cf8c45_JaffaCakes118

Files

8a7599a2cb34061a61194be850cf8c45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d335504340044109a631ce402e49714

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
wsprintfA
SetDlgItemInt
SendMessageA
SendDlgItemMessageA
MessageBoxA
LoadIconA
GetDlgItemTextA
GetDlgItemInt
EndDialog
DialogBoxParamA

kernel32

GetVersionExA
SetEndOfFile
CloseHandle
CreateFileA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FlushFileBuffers
GetModuleHandleA
RtlZeroMemory
LoadResource
LockResource
ReadFile
SizeofResource
Sleep
WriteFile

comdlg32

GetSaveFileNameA

advapi32

DeleteService
StartServiceA
OpenServiceA
OpenSCManagerA
CreateServiceA
ControlService
CloseServiceHandle

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE